You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Not sure if it’s connected, but recently updated the IOS on my iPhone. Today, I notice when logging in to a few sites I get a notification on the phone that this password has been part of a data leak and that I should allow iPhone to change it. It also warns that I’m using the same password on 98 other sites…
Is it legit? Anything to worry about? I know there’s a lot of IT sorts on here.
Go into your phones setting’s - passwords - security recommendations to find out.
If you do use the same passwords across multiple websites then yes the chances are it has been compromised a few times.
If you have the password auto saved your phone will know.
Is it legit? Anything to worry about? I know there’s a lot of IT sorts on here.
Yep, the iPhone now checks all your stored password against HaveIbeenpwned list of leaked passwords.
Yes, last year maybe longer iOS added this, it’s handy.
It also warns that I’m using the same password on 98 other sites
I presume you know whether or not that's true? I strongly suggest the use of a password manager such as 1Password, LastPass, Bitwarden or similar. These make it relatively straightforward to generate and use secure passwords, with unique passwords for each site (which is what your phone is complaining about).
password management has been part of the Mac/iOS ecosystem for a long time so no need for 3rd party software! I believe there is now also a Chrome plugin if you use a Windows PC.I strongly suggest the use of a password manager such as 1Password, LastPass, Bitwarden or similar.
I presume you know whether or not that’s true?
Yes, it's true. I've always been pretty cavalier in regards to online passwords. If only because I can't see any alternative. Having different complex passwords for every single website just seems like madness. I'll look again at a password manager. In the past I've always been a bit suspicious about giving one company the keys to everything if that makes sense. A bit like using a proxy server. Another thing that worries me is that I use an iPhone, and a windows laptop. If I have a password manager app on the iPhone for example, does that mean I'll never be able to log in to anything on my laptop, or any other device because I don't know the password?..
My brain hurts now.
as above, it's built into iPhone & I think there's now a plugin for Chrome for using the passwords on your Windows laptop. When you go to change a password on a website, it should give you the option of automatically generating a random, secure one. Very easy, takes no extra effort or thought!If I have a password manager app on the iPhone for example, does that mean I’ll never be able to log in to anything on my laptop, or any other device because I don’t know the password?..
Sounds like Apple have finally caught up with what Google have been doing for several years.
You're overthinking password managers. Most are cross-platform and mature technology. Having the same password for everything is a huge security risk. Also, enable 2FA on anything you care about.
Honestly, just start using the password manager, and at some point you'll wonder why you hadn't done it ages ago. Just one password to remember! No more easily forgettable variations! No more niggle in the back of your mind you try to ignore, telling you shouldn't use the same password on everywebsite. Just do it!
Ok, where is the iPhone password manager? I mean, under security suggestions in settings/passwords, it says to 'change password on website'. There's no option to let the iPhone change it to some crazy long super secure and immediately forgettable password.
Ok, where is the iPhone password manager?
Distributed in iOS, to see passwords Settings -> Passwords
In safari is auto offers a random string for any website asking for a password (where it can recognise that's what requires) and if you use it, then it gets added to the list found above.
Where it doesn't always work is with Apps, some don't flag to iOS that they're asking for a password so the password manager doesn't get activated, occasionaly you have to cut and paste - but I guess that's poor app design rather than an iOS fault.
@Cougar riiiiight... the Mac password manager was around before Google was even [I]founded[/I] 🤣Sounds like Apple have finally caught up with what Google have been doing for several years.
Use 2 factor authentication where possible.
The latest version of iCloud for Windows now allows you to use passwords stored on your iPhone/Mac/iDevice on a Windows PC (if they are synched with iCloud by ensuring Keychain is synchronising).
Been living in the dark ages, just folliwed the steps to check my iphone passwords, a few worrying issues now sorted.Passwords changed, and selected 2 stage authentication on the most important.
Cheers for the knowledge and heads up👍🏼